Replace mbedtls_x509_san_node with mbedtls_x509_subject_alternative_name
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
parent
3a92593d1e
commit
5a49d3cce3
4 changed files with 30 additions and 30 deletions
|
@ -83,15 +83,8 @@ typedef struct mbedtls_x509write_csr {
|
||||||
}
|
}
|
||||||
mbedtls_x509write_csr;
|
mbedtls_x509write_csr;
|
||||||
|
|
||||||
typedef struct mbedtls_x509_san_node {
|
|
||||||
int type; /**< Subject Alternative Name types */
|
|
||||||
char *name; /**< Value, following the syntax allowed bythe type */
|
|
||||||
size_t len; /**< Length of the provided value */
|
|
||||||
}
|
|
||||||
mbedtls_x509_san_node;
|
|
||||||
|
|
||||||
typedef struct mbedtls_x509_san_list {
|
typedef struct mbedtls_x509_san_list {
|
||||||
mbedtls_x509_san_node node;
|
mbedtls_x509_subject_alternative_name node;
|
||||||
struct mbedtls_x509_san_list *next;
|
struct mbedtls_x509_san_list *next;
|
||||||
}
|
}
|
||||||
mbedtls_x509_san_list;
|
mbedtls_x509_san_list;
|
||||||
|
|
|
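Review bot: The `node` member of `mbedtls_x509_san_list` now has type `mbedtls_x509_subject_alternative_name` but carries no comment, whereas the removed `mbedtls_x509_san_node` documented each of its fields. Callers building a list need to know which union member the CSR writer reads; judging by the writer changes in this commit it is `san.unstructured_name` (`p`, `len`) for the DNS, URI and IP address types, and other types are skipped. I would add `/**< SAN entry: set type and, for dNSName/URI/iPAddress, san.unstructured_name (p, len) */` on the member, and say in the same comment how long the pointed-to buffer must stay valid. If `mbedtls_x509_san_node` has already shipped in a release, removing the typedef is also a source-compatibility break that deserves a changelog entry.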
@ -26,6 +26,7 @@
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CSR_WRITE_C)
|
#if defined(MBEDTLS_X509_CSR_WRITE_C)
|
||||||
|
|
||||||
|
#include "mbedtls/x509.h"
|
||||||
#include "mbedtls/x509_csr.h"
|
#include "mbedtls/x509_csr.h"
|
||||||
#include "mbedtls/asn1write.h"
|
#include "mbedtls/asn1write.h"
|
||||||
#include "mbedtls/error.h"
|
#include "mbedtls/error.h"
|
||||||
|
@ -97,16 +98,23 @@ int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ct
|
||||||
|
|
||||||
/* Determine the maximum size of the SubjectAltName list */
|
/* Determine the maximum size of the SubjectAltName list */
|
||||||
while (cur != NULL) {
|
while (cur != NULL) {
|
||||||
if (cur->node.len <= 0) {
|
/* Calculate size of the required buffer */
|
||||||
return 0;
|
switch(cur->node.type) {
|
||||||
|
case MBEDTLS_X509_SAN_DNS_NAME:
|
||||||
|
case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER:
|
||||||
|
case MBEDTLS_X509_SAN_IP_ADDRESS:
|
||||||
|
/* + length of value for each name entry,
|
||||||
|
* + maximum 4 bytes for the length field,
|
||||||
|
* + 1 byte for the tag/type.
|
||||||
|
*/
|
||||||
|
buflen += cur->node.san.unstructured_name.len + 4 + 1;
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
/* Not supported - skip. */
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Calculate size of the required buffer:
|
|
||||||
* + length of value for each name entry,
|
|
||||||
* + maximum 4 bytes for the length field,
|
|
||||||
* + 1 byte for the tag/type.
|
|
||||||
*/
|
|
||||||
buflen += cur->node.len + 4 + 1;
|
|
||||||
|
|
||||||
cur = cur->next;
|
cur = cur->next;
|
||||||
}
|
}
|
||||||
|
@ -133,10 +141,9 @@ int mbedtls_x509write_csr_set_subject_alternative_name(mbedtls_x509write_csr *ct
|
||||||
case MBEDTLS_X509_SAN_IP_ADDRESS:
|
case MBEDTLS_X509_SAN_IP_ADDRESS:
|
||||||
MBEDTLS_ASN1_CHK_ADD(len,
|
MBEDTLS_ASN1_CHK_ADD(len,
|
||||||
mbedtls_asn1_write_raw_buffer(&p, buf,
|
mbedtls_asn1_write_raw_buffer(&p, buf,
|
||||||
(const unsigned char *) cur->node
|
(const unsigned char *) cur->node.san.unstructured_name.p,
|
||||||
.name,
|
cur->node.san.unstructured_name.len));
|
||||||
cur->node.len));
|
MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, cur->node.san.unstructured_name.len));
|
||||||
MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, cur->node.len));
|
|
||||||
MBEDTLS_ASN1_CHK_ADD(len,
|
MBEDTLS_ASN1_CHK_ADD(len,
|
||||||
mbedtls_asn1_write_tag(&p, buf,
|
mbedtls_asn1_write_tag(&p, buf,
|
||||||
MBEDTLS_ASN1_CONTEXT_SPECIFIC |
|
MBEDTLS_ASN1_CONTEXT_SPECIFIC |
|
||||||
|
|
|
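Review bot: In the size-calculation loop, `buflen += cur->node.san.unstructured_name.len + 4 + 1;` adds a caller-supplied `size_t` with no overflow check, so a very large `len` can wrap `buflen` before it is used to size the output buffer (that use is outside the hunk). The ASN.1 write helpers are bounds-checked as far as I know, so the likely result is a buffer-too-small error rather than an overrun, but rejecting the entry up front is easier to reason about: with `n` as the entry length, `if (n > SIZE_MAX - 5 || buflen > SIZE_MAX - 5 - n) return MBEDTLS_ERR_X509_BAD_INPUT_DATA;`. The new `default:` branch also skips unsupported SAN types silently, so a caller can get a success return for a CSR that lacks a name it asked for; returning `MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE` there would make the omission visible. The function body starts and ends outside the hunks shown.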
@ -252,12 +252,12 @@ usage:
|
||||||
}
|
}
|
||||||
|
|
||||||
if (strcmp(q, "IP") == 0) {
|
if (strcmp(q, "IP") == 0) {
|
||||||
cur->node.name = (char *) ip;
|
cur->node.san.unstructured_name.p = (unsigned char *) ip;
|
||||||
cur->node.len = sizeof(ip);
|
cur->node.san.unstructured_name.len = sizeof(ip);
|
||||||
} else {
|
} else {
|
||||||
q = r2;
|
q = r2;
|
||||||
cur->node.name = q;
|
cur->node.san.unstructured_name.p = (unsigned char *) q;
|
||||||
cur->node.len = strlen(q);
|
cur->node.san.unstructured_name.len = strlen(q);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (prev == NULL) {
|
if (prev == NULL) {
|
||||||
|
|
|
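Review bot: Both branches store a borrowed pointer in `cur->node.san.unstructured_name.p` (`ip` in the IP branch, `q` into the parsed option string otherwise), and neither buffer's declaration is visible in this hunk. If `ip` is a single array reused for every `IP:` entry, or is scoped to the parsing loop, then each IP entry either aliases the last parsed address or dangles by the time the list is written into the CSR. Copying the address into storage owned by the list entry, allocated alongside `cur` and freed with it, removes that dependency on the caller's buffer lifetime. The enclosing block starts and ends outside the hunk, so this needs checking against the full function.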
@ -161,16 +161,16 @@ void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type,
|
||||||
const char *san_uri_name = "http://pki.example.com/";
|
const char *san_uri_name = "http://pki.example.com/";
|
||||||
|
|
||||||
san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER;
|
san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER;
|
||||||
san_uri.node.name = (char *) san_uri_name;
|
san_uri.node.san.unstructured_name.p = (unsigned char *) san_uri_name;
|
||||||
san_uri.node.len = strlen(san_uri_name);
|
san_uri.node.san.unstructured_name.len = strlen(san_uri_name);
|
||||||
san_uri.next = NULL;
|
san_uri.next = NULL;
|
||||||
san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS;
|
san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS;
|
||||||
san_ip.node.name = (char *) san_ip_name;
|
san_ip.node.san.unstructured_name.p = (unsigned char *) san_ip_name;
|
||||||
san_ip.node.len = sizeof(san_ip_name);
|
san_ip.node.san.unstructured_name.len = sizeof(san_ip_name);
|
||||||
san_ip.next = &san_uri;
|
san_ip.next = &san_uri;
|
||||||
san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME;
|
san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME;
|
||||||
san_dns.node.name = (char *) san_dns_name;
|
san_dns.node.san.unstructured_name.p = (unsigned char *) san_dns_name;
|
||||||
san_dns.node.len = strlen(san_dns_name);
|
san_dns.node.san.unstructured_name.len = strlen(san_dns_name);
|
||||||
san_dns.next = &san_ip;
|
san_dns.next = &san_ip;
|
||||||
san_list = &san_dns;
|
san_list = &san_dns;
|
||||||
|
|
||||||
|
|